Scary Beasts Security
SEPTEMBER 25, 2014
AddressSanitizer, or ASAN , is an excellent tool for detecting subtle memory errors at runtime in C / C++ programs. It is now a productionized option in both the clang and gcc compilers, and has assisted in uncovering literally thousands of security bugs. ASAN works by instrumenting compiled code with careful detections for runtime errors. It is primarily a detection tool.
Elie
SEPTEMBER 1, 2014
In-depth research publications, industry talks and blog posts about Google security, research at Google and cybersecurity in general in open-access.
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
NopSec
SEPTEMBER 18, 2014
Threat intelligence is an increasing popular buzzword in security magazine articles and blogs. It also is becoming more prevalent in product and services offerings from security vendors. The value of threat intelligence is that it can provide timely information on real-time threats and help improve detection and mitigation response times. When pairing threat intelligence and vulnerability management process, threat intelligence becomes a powerful way to quickly prioritize remediation.
Scary Beasts Security
SEPTEMBER 27, 2014
[Prelude: sorry, this has nothing to do with security whatsoever. Feel free to bail now if you're not interested in a classic 1980's game, and rest assured that non-security posts to this blog will remain extremely rare.] The BBC Micro game Exile , released in 1988, has a realistic claim for the best game ever. I lost months of my youth to this game.
Advertisement
How many people would you trust with your house keys? Chances are, you have a handful of trusted friends and family members who have an emergency copy, but you definitely wouldn’t hand those out too freely. You have stuff that’s worth protecting—and the more people that have access to your belongings, the higher the odds that something will go missing.
NopSec
SEPTEMBER 16, 2014
With the time, effort and resources that companies dedicate to penetration testing, it can be frustrating (at best) to not be guaranteed a successful outcome. Your organization may be trying to address the challenges of the consumerization of IT and bring-your-own movements, the shift to cloud computing, or simply trying to achieve regulatory compliance.
NopSec
SEPTEMBER 14, 2014
No industry is immune to IT security breaches and it seems that retailers have been in the spotlight of late. Home Depot is the latest company to confirm a cyber-attack. For large publicly traded companies, the impact of a breach is measured by decreased sales revenue, lower stock prices, expenses associated with the breach, and departures of top executives.
Expert insights. Personalized for you.
56 
Let's personalize your content